Privacy policy

Privacy policy

This privacy policy (Policy), in accordance with EU Regulation 2016/679 (“GDPR”) and Legislative Decree 196/2003 (“Privacy Code”) (together “Privacy Regulations”), sets out how and for which purposes Insight Studio Legale, with registered office in Milan, Piazzale Marengo 6, as data controller (“us” or “we”), will process your data through the website www.insightlegal.it (the “Website”).
Please note that this privacy policy refers only to the Website and should not cover other web pages or third party websites which are accessible via external links. Therefore, we invite you to read the relevant privacy policies of those third party websites to better understand how they process data.

Which data do we process?
The Website is structured to minimize the collection and the processing of personal data. We process the personal data that you provide to us via the Website (e.g. name, surname, e-mail address, home address, phone number) (“Personal Data”).
In this regard, we invite you to not provide us Personal Data that you do not wish us to process.

In relation to which purposes do we process your Personal Data and what is the legal basis for processing?

Purposes of the processing

Legal basis for processing

(A) For the purpose of answering your request sent using the contact details listed under the “Contact us” section of the Website and providing any required further legal advice. - The processing is necessary for the performance of a contract to which you are subject or in order to take steps at your request prior to entering into a contract. - The processing is necessary to ensure compliance with legal obligations to which we may be subject.
(B) For the purpose of sending our newsletter and/or invitations to our conferences, events and receptions. - You have given consent to the processing of your Personal Data.
(C) For the purpose of defending our or a third-party legitimate interest (e.g., the right to file a claim, the prevention of fraud and/or illegal activities, etc.) - The processing is necessary to defend a legitimate interest of the data controller or third parties.
(D) For the purposes connected with the execution of legal obligations. - The processing is necessary to be compliant with legal obligations.

Are you required to provide your personal data?
– in relation to purpose (A), (C) and (D) above, the provision of your personal data is necessary and any refusal to provide such data may make it impossible to provide you with the requested services (e.g. information/legal advice requested to us);

– in relation to purpose (B) above, you may freely decide to provide/not provide your consent and any refusal to give such consent to the processing of your personal data only makes it impossible for you to receive the newsletter and/or invitations by us, without however precluding the use of the services referred to in the Website.

Whom can we share your Personal Data with?
If you provide your Personal Data to us, your Personal Data will be processed only in relation with the abovementioned purposes and by persons specifically appointed by our firm (e.g., our partners, associates, of counsels and employees). Any external service provider we may use in order to perform our services will act on our behalf, as appointed data processor.
We will not transfer your personal data to any third party without your prior written consent, unless required by the law.

For how long do we store your Personal Data?
Your Personal Data will be stored, in compliance with the applicable law, for a term not exceeding what is necessary to pursue the purposes for which they were processed.
The criteria for determining the storage period of the Personal Data takes into account the allowed processing period and the applicable law on limitation of rights and your legitimate interests where these are the legal basis for processing.
After this, your Personal Data will be deleted, aggregated or anonymized.

Which rights can you exercise in relation to your Personal Data?
We remind you that you can exercise the rights provided by Privacy Regulations and in particular:

– You have the right to obtain from the data controller confirmation as to whether or not Personal Data concerning you are being processed, and, where that is the case, access to the following information: the purposes of the processing, the categories of Personal Data concerned; the recipients or categories of recipient to whom the Personal Data have been or will be disclosed, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period;

– You have the right to obtain from the data controller the rectification of inaccurate Personal Data concerning you and/or, taking into account the purposes of the processing, the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

– You have the right to obtain from the data controller the erasure of Personal Data concerning you without undue delay if one of the grounds provided by the Privacy Regulations applies.

– Whenever the processing of Persona Data is based on consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;

– You have the right to obtain the restriction of processing of Personal Data concerning you, whenever provided by the Privacy Regulations;

– You have the right to receive the Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine- readable format and/or the right to request that such Personal Data is transmitted to another controller within the limit established by the Privacy Regulations.

– You have the right to object to processing of Personal Data concerning you in accordance with the Privacy Regulations.

You may exercise these rights by sending:

– an e-mail at the address [email protected]

Without prejudice to any other administrative or legal petition, you also have the right to file a complaint before the supervisory body (for Italy the “Garante per la protezione dei dati personali”), if you believe that management of your Personal Data has been carried out in violation of the applicable Privacy
Regulations. Further information is available at the following link:
http://www.garanteprivacy.it.

Is your Personal Data transferred outside the territory of the European Union?
No. Your Personal Data is not transferred outside of the European Union.

Is your Personal Data managed via automated decision systems?
No. There are no automated decision systems.

Changes and updates to the privacy policy
This Policy is updated as of April 2019. Please check periodically to follow the updates applied to this Policy.